<html>

<head>
    <meta http-equiv=Content-Type content="text/html; charset=utf-8">
    <meta name=Generator content="Microsoft Word 15 (filtered)">
    <style>
        <!--
        /* Font Definitions */
        @font-face
        {font-family:宋体;
            panose-1:2 1 6 0 3 1 1 1 1 1;}
        @font-face
        {font-family:"Cambria Math";
            panose-1:2 4 5 3 5 4 6 3 2 4;}
        @font-face
        {font-family:Calibri;
            panose-1:2 15 5 2 2 2 4 3 2 4;}
        @font-face
        {font-family:微软雅黑;
            panose-1:2 11 5 3 2 2 4 2 2 4;}
        @font-face
        {font-family:Cambria;
            panose-1:2 4 5 3 5 4 6 3 2 4;}
        @font-face
        {font-family:"\@微软雅黑";
            panose-1:2 11 5 3 2 2 4 2 2 4;}
        @font-face
        {font-family:"\@宋体";
            panose-1:2 1 6 0 3 1 1 1 1 1;}
        /* Style Definitions */
        p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0cm;
            margin-bottom:.0001pt;
            text-align:justify;
            text-justify:inter-ideograph;
            font-size:10.5pt;
            font-family:"Calibri","sans-serif";}
        h1
        {mso-style-link:"标题 1 Char";
            margin:0cm;
            margin-bottom:.0001pt;
            text-autospace:none;
            font-size:12.0pt;
            font-family:"Times New Roman","serif";
            font-weight:normal;}
        h2
        {mso-style-link:"标题 2 Char";
            margin:0cm;
            margin-bottom:.0001pt;
            text-autospace:none;
            font-size:12.0pt;
            font-family:"Times New Roman","serif";
            font-weight:normal;}
        h3
        {mso-style-link:"标题 3 Char";
            margin:0cm;
            margin-bottom:.0001pt;
            text-autospace:none;
            font-size:12.0pt;
            font-family:"Times New Roman","serif";
            font-weight:normal;}
        h4
        {mso-style-link:"标题 4 Char";
            margin:0cm;
            margin-bottom:.0001pt;
            text-autospace:none;
            font-size:12.0pt;
            font-family:"Times New Roman","serif";
            font-weight:normal;}
        h5
        {mso-style-link:"标题 5 Char";
            margin:0cm;
            margin-bottom:.0001pt;
            text-autospace:none;
            font-size:12.0pt;
            font-family:"Times New Roman","serif";
            font-weight:normal;}
        h6
        {mso-style-link:"标题 6 Char";
            margin:0cm;
            margin-bottom:.0001pt;
            text-autospace:none;
            font-size:12.0pt;
            font-family:"Times New Roman","serif";
            font-weight:normal;}
        p.MsoHeading7, li.MsoHeading7, div.MsoHeading7
        {mso-style-link:"标题 7 Char";
            margin:0cm;
            margin-bottom:.0001pt;
            text-autospace:none;
            font-size:12.0pt;
            font-family:"Times New Roman","serif";}
        p.MsoHeading8, li.MsoHeading8, div.MsoHeading8
        {mso-style-link:"标题 8 Char";
            margin:0cm;
            margin-bottom:.0001pt;
            text-autospace:none;
            font-size:12.0pt;
            font-family:"Times New Roman","serif";}
        p.MsoHeading9, li.MsoHeading9, div.MsoHeading9
        {mso-style-link:"标题 9 Char";
            margin:0cm;
            margin-bottom:.0001pt;
            text-autospace:none;
            font-size:12.0pt;
            font-family:"Times New Roman","serif";}
        p.MsoHeader, li.MsoHeader, div.MsoHeader
        {mso-style-link:"页眉 Char";
            margin:0cm;
            margin-bottom:.0001pt;
            text-align:center;
            layout-grid-mode:char;
            border:none;
            padding:0cm;
            font-size:9.0pt;
            font-family:"Calibri","sans-serif";}
        p.MsoFooter, li.MsoFooter, div.MsoFooter
        {mso-style-link:"页脚 Char";
            margin:0cm;
            margin-bottom:.0001pt;
            layout-grid-mode:char;
            font-size:9.0pt;
            font-family:"Calibri","sans-serif";}
        span.1Char
              {mso-style-name:"标题 1 Char";
                  mso-style-link:"标题 1";
                  font-family:"Times New Roman","serif";
                  font-weight:bold;}
        span.2Char
              {mso-style-name:"标题 2 Char";
                  mso-style-link:"标题 2";
                  font-family:"Cambria","serif";
                  font-weight:bold;}
        span.3Char
              {mso-style-name:"标题 3 Char";
                  mso-style-link:"标题 3";
                  font-family:"Times New Roman","serif";
                  font-weight:bold;}
        span.4Char
              {mso-style-name:"标题 4 Char";
                  mso-style-link:"标题 4";
                  font-family:"Cambria","serif";
                  font-weight:bold;}
        span.5Char
              {mso-style-name:"标题 5 Char";
                  mso-style-link:"标题 5";
                  font-family:"Times New Roman","serif";
                  font-weight:bold;}
        span.6Char
              {mso-style-name:"标题 6 Char";
                  mso-style-link:"标题 6";
                  font-family:"Cambria","serif";
                  font-weight:bold;}
        span.7Char
              {mso-style-name:"标题 7 Char";
                  mso-style-link:"标题 7";
                  font-family:"Times New Roman","serif";
                  font-weight:bold;}
        span.8Char
              {mso-style-name:"标题 8 Char";
                  mso-style-link:"标题 8";
                  font-family:"Cambria","serif";}
        span.9Char
              {mso-style-name:"标题 9 Char";
                  mso-style-link:"标题 9";
                  font-family:"Cambria","serif";}
        span.Char
        {mso-style-name:"页眉 Char";
            mso-style-link:页眉;
            font-family:"Times New Roman","serif";}
        span.Char0
        {mso-style-name:"页脚 Char";
            mso-style-link:页脚;
            font-family:"Times New Roman","serif";}
        /* Page Definitions */
        @page WordSection1
        {size:595.25pt 841.85pt;
            margin:72.0pt 72.0pt 96.0pt 72.0pt;}
        div.WordSection1
        {page:WordSection1;}
        @page WordSection2
        {size:595.25pt 841.85pt;
            margin:72.0pt 72.0pt 96.0pt 72.0pt;}
        div.WordSection2
        {page:WordSection2;}
        -->
    </style>

</head>

<body lang=ZH-CN style='text-justify-trim:punctuation'>

<div class=WordSection1>

    <p class=MsoNormal align=center style='margin-top:12.0pt;margin-right:17.8pt;
margin-bottom:0cm;margin-left:17.8pt;margin-bottom:.0001pt;text-align:center;
text-autospace:none'><b><span lang=EN-US style='font-size:26.0pt;font-family:
"微软雅黑","sans-serif"'>&nbsp;</span></b></p>

    <p class=MsoNormal align=center style='margin-top:12.0pt;margin-right:17.8pt;
margin-bottom:0cm;margin-left:17.8pt;margin-bottom:.0001pt;text-align:center;
text-autospace:none'><b><span lang=EN-US style='font-size:26.0pt;font-family:
"微软雅黑","sans-serif"'>&nbsp;</span></b></p>

    <p class=MsoNormal align=center style='margin-top:12.0pt;margin-right:17.8pt;
margin-bottom:0cm;margin-left:17.8pt;margin-bottom:.0001pt;text-align:center;
text-autospace:none'><b><span lang=EN-US style='font-size:26.0pt;font-family:
"微软雅黑","sans-serif"'>&nbsp;</span></b></p>

    <p class=MsoNormal align=center style='margin-top:12.0pt;margin-right:17.8pt;
margin-bottom:0cm;margin-left:17.8pt;margin-bottom:.0001pt;text-align:center;
text-autospace:none'><b><span lang=EN-US style='font-size:26.0pt;font-family:
"微软雅黑","sans-serif"'><?php echo call_user_func(report_title);?></span></b></p>

    <p class=MsoNormal align=center style='margin-top:12.0pt;margin-right:17.8pt;
margin-bottom:0cm;margin-left:17.8pt;margin-bottom:.0001pt;text-align:center;
text-autospace:none'><b><span lang=EN-US style='font-size:26.0pt;font-family:
"微软雅黑","sans-serif"'>web</span></b><b><span style='font-size:26.0pt;font-family:
"微软雅黑","sans-serif"'>应用安全检测报告</span></b></p>

    <p class=MsoNormal align=center style='text-align:center'><span lang=EN-US
                                                                    style='font-size:16.0pt;font-family:"微软雅黑","sans-serif"'>&nbsp;</span></p>

    <p class=MsoNormal align=center style='text-align:center'><span lang=EN-US
                                                                    style='font-size:16.0pt;font-family:"微软雅黑","sans-serif"'>&nbsp;</span></p>

    <p class=MsoNormal align=center style='text-align:center'><span lang=EN-US
                                                                    style='font-size:16.0pt;font-family:"微软雅黑","sans-serif"'>&nbsp;</span></p>

    <p class=MsoNormal><span lang=EN-US style='font-size:16.0pt;font-family:"微软雅黑","sans-serif"'>&nbsp;</span></p>

    <p class=MsoNormal align=center style='text-align:center'><span lang=EN-US
                                                                    style='font-size:16.0pt;font-family:"微软雅黑","sans-serif"'>&nbsp;</span></p>

    <p class=MsoNormal align=center style='text-align:center'><span lang=EN-US
                                                                    style='font-size:16.0pt;font-family:"微软雅黑","sans-serif"'>&nbsp;</span></p>

    <p class=MsoNormal align=center style='text-align:center'><span lang=EN-US
                                                                    style='font-size:16.0pt;font-family:"微软雅黑","sans-serif"'>&nbsp;</span></p>

    <p class=MsoNormal align=center style='text-align:center'><span lang=EN-US
                                                                    style='font-size:16.0pt;font-family:"微软雅黑","sans-serif"'>&nbsp;</span></p>

    <p class=MsoNormal align=center style='text-align:center'><span lang=EN-US
                                                                    style='font-size:16.0pt;font-family:"微软雅黑","sans-serif"'>&nbsp;</span></p>

    <p class=MsoNormal align=center style='text-align:center'><span
            style='font-size:16.0pt;font-family:"微软雅黑","sans-serif"'>山东新潮信息技术有限公司</span></p>

    <p class=MsoNormal align=center style='text-align:center'><span
            style='font-size:16.0pt;font-family:"微软雅黑","sans-serif"'>信息安全实验室</span></p>

    <p class=MsoNormal align=center style='text-align:center'><span
            style='font-size:16.0pt;font-family:"微软雅黑","sans-serif"'><?php echo date("Y").'年'.date("m").'月'.date("d").'日' ?></span></p>

    <p class=MsoNormal align=left style='margin-top:12.0pt;margin-right:17.8pt;
margin-bottom:0cm;margin-left:17.8pt;margin-bottom:.0001pt;text-align:left;
line-height:15.6pt;text-autospace:none'><span lang=EN-US style='font-size:12.0pt;
font-family:"Times New Roman","serif"'>&nbsp;</span></p>

</div>

<span lang=EN-US style='font-size:12.0pt;font-family:"Times New Roman","serif"'><br
        clear=all style='page-break-before:always'>
</span>

<div class=WordSection2>

    <h2 style='margin-top:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:
0cm;line-height:20.75pt;page-break-after:avoid'><a name="_19"></a><b><span
            lang=EN-US style='font-size:15.5pt'>1. </span></b><b><span style='font-size:
15.5pt;font-family:宋体'>综述</span></b></h2>

    <p class=MsoNormal align=left style='margin-top:6.0pt;text-align:left;
text-indent:24.0pt;line-height:150%;text-autospace:none'><span
            style='font-size:12.0pt;line-height:150%;font-family:宋体'><?php echo call_user_func(report_general);?></span></p>

    <h2 style='margin-top:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:
0cm;line-height:20.75pt;page-break-after:avoid'><b><span lang=EN-US
                                                         style='font-size:15.5pt'>2. WEB</span></b><b><span style='font-size:15.5pt;
font-family:宋体'>安全漏洞列表</span></b></h2>

    <p class=MsoNormal align=left style='margin-top:6.0pt;text-align:left;
text-indent:24.0pt;line-height:150%;text-autospace:none'><span
            style='font-size:12.0pt;line-height:150%;font-family:宋体'>对网站的开发人员进行安全编码方面的培训，在开发过程避免漏洞的引入能起到事半功倍的效果。</span></p>

    <h2 style='margin-top:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:
0cm;line-height:20.75pt;page-break-after:avoid'><b><span lang=EN-US
                                                         style='font-size:15.5pt'>3. WEB</span></b><b><span style='font-size:15.5pt;
font-family:宋体'>页面监测列表</span></b></h2>

    <p class=MsoNormal align=left style='margin-top:6.0pt;text-align:left;
text-indent:24.0pt;line-height:150%;text-autospace:none'><span
            style='font-size:12.0pt;line-height:150%;font-family:宋体'>对网站的开发人员进行安全编码方面的培训，在开发过程避免漏洞的引入能起到事半功倍的效果。</span></p>

    <h2 style='margin-top:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:
0cm;line-height:20.75pt;page-break-after:avoid'><b><span lang=EN-US
                                                         style='font-size:15.5pt'>4. WEB</span></b><b><span style='font-size:15.5pt;
font-family:宋体'>信息泄露列表</span></b></h2>

    <p class=MsoNormal align=left style='margin-top:6.0pt;text-align:left;
text-indent:24.0pt;line-height:150%;text-autospace:none'><span
            style='font-size:12.0pt;line-height:150%;font-family:宋体'>对网站的开发人员进行安全编码方面的培训，在开发过程避免漏洞的引入能起到事半功倍的效果。</span></p>

    <p class=MsoNormal align=left style='text-align:left;line-height:.05pt;
text-autospace:none'><span lang=EN-US style='font-size:12.0pt;font-family:"Times New Roman","serif"'>&nbsp;</span></p>

    <p class=MsoNormal align=left style='text-align:left;line-height:.05pt;
text-autospace:none'><a name="_49"></a><a name="_80"></a><span lang=EN-US
                                                               style='font-size:12.0pt;font-family:"Times New Roman","serif"'>&nbsp;</span></p>

    <h2 style='margin-top:12.0pt;line-height:20.75pt;page-break-after:avoid'><a
            name="_119"></a><a name="_9031"></a><a name="_14238"></a><a name="_14515"></a><b><span
            lang=EN-US style='font-size:15.5pt'>5. </span></b><b><span style='font-size:
15.5pt;font-family:宋体'>参考标准</span></b></h2>

    <h3 style='margin-top:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:
24.0pt;line-height:18.9pt;page-break-after:avoid'><a name="_14517"></a><b><span
            lang=EN-US style='font-size:14.5pt'>5.1. </span></b><b><span style='font-size:
14.5pt;font-family:宋体'>单一漏洞风险等级评定标准</span></b></h3>

    <table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0
           style='margin-left:24.5pt;border-collapse:collapse'>
        <thead>
        <tr>
            <td width=114 valign=top style='width:85.45pt;border:solid windowtext 1.0pt;
   padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
   margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
   text-autospace:none'><b><span style='font-size:12.0pt;font-family:宋体'>危险程度</span></b></p>
            </td>
            <td width=171 valign=top style='width:128.15pt;border:solid windowtext 1.0pt;
   border-left:none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
   margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
   text-autospace:none'><b><span style='font-size:12.0pt;font-family:宋体'>危险值区域</span></b></p>
            </td>
            <td width=285 valign=top style='width:213.6pt;border:solid windowtext 1.0pt;
   border-left:none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
   margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
   text-autospace:none'><b><span style='font-size:12.0pt;font-family:宋体'>危险程度说明</span></b></p>
            </td>
        </tr>
        </thead>
        <tr>
            <td width=114 style='width:85.45pt;border:solid windowtext 1.0pt;border-top:
  none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span style='font-size:12.0pt;font-family:宋体'>高</span></p>
            </td>
            <td width=171 style='width:128.15pt;border-top:none;border-left:none;
  border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span lang=EN-US style='font-size:12.0pt;font-family:
  "Times New Roman","serif"'>7 &lt;= </span><span style='font-size:12.0pt;
  font-family:宋体'>漏洞风险值</span><span lang=EN-US style='font-size:12.0pt;
  font-family:"Times New Roman","serif"'> &lt;= 10</span></p>
            </td>
            <td width=285 style='width:213.6pt;border-top:none;border-left:none;
  border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span style='font-size:12.0pt;font-family:宋体'>攻击者可以远程执行任意命令或进行远程拒绝服务攻击。</span></p>
            </td>
        </tr>
        <tr>
            <td width=114 style='width:85.45pt;border:solid windowtext 1.0pt;border-top:
  none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span style='font-size:12.0pt;font-family:宋体'>中</span></p>
            </td>
            <td width=171 style='width:128.15pt;border-top:none;border-left:none;
  border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span lang=EN-US style='font-size:12.0pt;font-family:
  "Times New Roman","serif"'>4 &lt;= </span><span style='font-size:12.0pt;
  font-family:宋体'>漏洞风险值</span><span lang=EN-US style='font-size:12.0pt;
  font-family:"Times New Roman","serif"'> &lt; 7</span></p>
            </td>
            <td width=285 style='width:213.6pt;border-top:none;border-left:none;
  border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span style='font-size:12.0pt;font-family:宋体'>攻击者可以利用</span><span
                        lang=EN-US style='font-size:12.0pt;font-family:"Times New Roman","serif"'>Web</span><span
                        style='font-size:12.0pt;font-family:宋体'>网站攻击其他用户，读写远程系统文件或后台数据库。</span></p>
            </td>
        </tr>
        <tr>
            <td width=114 style='width:85.45pt;border:solid windowtext 1.0pt;border-top:
  none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span style='font-size:12.0pt;font-family:宋体'>低</span></p>
            </td>
            <td width=171 style='width:128.15pt;border-top:none;border-left:none;
  border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span lang=EN-US style='font-size:12.0pt;font-family:
  "Times New Roman","serif"'>0 &lt;= </span><span style='font-size:12.0pt;
  font-family:宋体'>漏洞风险值</span><span lang=EN-US style='font-size:12.0pt;
  font-family:"Times New Roman","serif"'> &lt;4</span></p>
            </td>
            <td width=285 style='width:213.6pt;border-top:none;border-left:none;
  border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span style='font-size:12.0pt;font-family:宋体'>攻击者可以获取某些系统、文件的信息或冒用身份。</span></p>
            </td>
        </tr>
    </table>

    <p class=MsoNormal align=left style='margin-bottom:12.0pt;text-align:left;
line-height:.05pt;text-autospace:none'><span lang=EN-US style='font-size:12.0pt;
font-family:"Times New Roman","serif"'>&nbsp;</span></p>

    <table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0
           style='margin-left:24.5pt;border-collapse:collapse'>
        <thead>
        <tr>
            <td width=114 valign=top style='width:85.45pt;border:solid windowtext 1.0pt;
   padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
   margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
   text-autospace:none'><b><span style='font-size:12.0pt;font-family:宋体'>分值</span></b></p>
            </td>
            <td width=456 valign=top style='width:341.8pt;border:solid windowtext 1.0pt;
   border-left:none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
   margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
   text-autospace:none'><b><span style='font-size:12.0pt;font-family:宋体'>评估标准</span></b></p>
            </td>
        </tr>
        </thead>
        <tr>
            <td width=114 valign=top style='width:85.45pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span lang=EN-US style='font-size:12.0pt;font-family:
  "Times New Roman","serif"'>1</span></p>
            </td>
            <td width=456 valign=top style='width:341.8pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=left style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:left;line-height:15.6pt;
  text-autospace:none'><span style='font-size:12.0pt;font-family:宋体'>可远程获取</span><span
                        lang=EN-US style='font-size:12.0pt;font-family:"Times New Roman","serif"'>Web</span><span
                        style='font-size:12.0pt;font-family:宋体'>服务器组件的版本信息。</span></p>
            </td>
        </tr>
        <tr>
            <td width=114 valign=top style='width:85.45pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span lang=EN-US style='font-size:12.0pt;font-family:
  "Times New Roman","serif"'>2</span></p>
            </td>
            <td width=456 valign=top style='width:341.8pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=left style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:left;line-height:15.6pt;
  text-autospace:none'><span style='font-size:12.0pt;font-family:宋体'>目标</span><span
                        lang=EN-US style='font-size:12.0pt;font-family:"Times New Roman","serif"'>Web</span><span
                        style='font-size:12.0pt;font-family:宋体'>服务器开放了不必要的服务。</span></p>
            </td>
        </tr>
        <tr>
            <td width=114 valign=top style='width:85.45pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span lang=EN-US style='font-size:12.0pt;font-family:
  "Times New Roman","serif"'>3</span></p>
            </td>
            <td width=456 valign=top style='width:341.8pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=left style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:left;line-height:15.6pt;
  text-autospace:none'><span style='font-size:12.0pt;font-family:宋体'>可远程访问到某些不在目录树中的文件或读取服务器动态脚本的源码。</span></p>
            </td>
        </tr>
        <tr>
            <td width=114 valign=top style='width:85.45pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span lang=EN-US style='font-size:12.0pt;font-family:
  "Times New Roman","serif"'>4</span></p>
            </td>
            <td width=456 valign=top style='width:341.8pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=left style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:left;line-height:15.6pt;
  text-autospace:none'><span style='font-size:12.0pt;font-family:宋体'>可远程因为会话管理的问题导致身份冒用。</span></p>
            </td>
        </tr>
        <tr>
            <td width=114 valign=top style='width:85.45pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span lang=EN-US style='font-size:12.0pt;font-family:
  "Times New Roman","serif"'>5</span></p>
            </td>
            <td width=456 valign=top style='width:341.8pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=left style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:left;line-height:15.6pt;
  text-autospace:none'><span style='font-size:12.0pt;font-family:宋体'>可远程利用受影响的</span><span
                        lang=EN-US style='font-size:12.0pt;font-family:"Times New Roman","serif"'>Web</span><span
                        style='font-size:12.0pt;font-family:宋体'>服务器攻击其他浏览网站的用户。</span></p>
            </td>
        </tr>
        <tr>
            <td width=114 valign=top style='width:85.45pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span lang=EN-US style='font-size:12.0pt;font-family:
  "Times New Roman","serif"'>6</span></p>
            </td>
            <td width=456 valign=top style='width:341.8pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=left style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:left;line-height:15.6pt;
  text-autospace:none'><span style='font-size:12.0pt;font-family:宋体'>可远程读取系统文件或后台数据库。</span></p>
            </td>
        </tr>
        <tr>
            <td width=114 valign=top style='width:85.45pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span lang=EN-US style='font-size:12.0pt;font-family:
  "Times New Roman","serif"'>7</span></p>
            </td>
            <td width=456 valign=top style='width:341.8pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=left style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:left;line-height:15.6pt;
  text-autospace:none'><span style='font-size:12.0pt;font-family:宋体'>可远程读写系统文件、操作后台数据库。</span></p>
            </td>
        </tr>
        <tr>
            <td width=114 valign=top style='width:85.45pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span lang=EN-US style='font-size:12.0pt;font-family:
  "Times New Roman","serif"'>8</span></p>
            </td>
            <td width=456 valign=top style='width:341.8pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=left style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:left;line-height:15.6pt;
  text-autospace:none'><span style='font-size:12.0pt;font-family:宋体'>可远程以普通用户身份执行命令或进行拒绝服务攻击。</span></p>
            </td>
        </tr>
        <tr>
            <td width=114 valign=top style='width:85.45pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span lang=EN-US style='font-size:12.0pt;font-family:
  "Times New Roman","serif"'>9</span></p>
            </td>
            <td width=456 valign=top style='width:341.8pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=left style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:left;line-height:15.6pt;
  text-autospace:none'><span style='font-size:12.0pt;font-family:宋体'>可远程以管理用户身份执行命令（受限、不太容易利用）。</span></p>
            </td>
        </tr>
        <tr>
            <td width=114 valign=top style='width:85.45pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span lang=EN-US style='font-size:12.0pt;font-family:
  "Times New Roman","serif"'>10</span></p>
            </td>
            <td width=456 valign=top style='width:341.8pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=left style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:left;line-height:15.6pt;
  text-autospace:none'><span style='font-size:12.0pt;font-family:宋体'>可远程以管理用户身份执行命令（不受限、容易利用）。</span></p>
            </td>
        </tr>
    </table>

    <p class=MsoNormal align=left style='text-align:left;line-height:.05pt;
text-autospace:none'><span lang=EN-US style='font-size:12.0pt;font-family:"Times New Roman","serif"'>&nbsp;</span></p>

    <h3 style='margin-top:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:
24.0pt;line-height:18.9pt;page-break-after:avoid'><a name="_14581"></a><b><span
            lang=EN-US style='font-size:14.5pt'>5.2. </span></b><b><span style='font-size:
14.5pt;font-family:宋体'>域名风险等级评定标准</span></b></h3>

    <table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0
           style='margin-left:24.5pt;border-collapse:collapse'>
        <thead>
        <tr>
            <td width=114 valign=top style='width:85.45pt;border:solid windowtext 1.0pt;
   padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
   margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
   text-autospace:none'><b><span style='font-size:12.0pt;font-family:宋体'>域名风险等级</span></b></p>
            </td>
            <td width=456 valign=top style='width:341.8pt;border:solid windowtext 1.0pt;
   border-left:none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
   margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
   text-autospace:none'><b><span style='font-size:12.0pt;font-family:宋体'>域名风险值区域</span></b></p>
            </td>
        </tr>
        </thead>
        <tr>
            <td width=114 valign=top style='width:85.45pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span style='font-size:12.0pt;font-family:宋体'>非常危险</span></p>
            </td>
            <td width=456 valign=top style='width:341.8pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span lang=EN-US style='font-size:12.0pt;font-family:
  "Times New Roman","serif"'>7 &lt;= </span><span style='font-size:12.0pt;
  font-family:宋体'>域名风险值</span><span lang=EN-US style='font-size:12.0pt;
  font-family:"Times New Roman","serif"'> &lt;= 10</span></p>
            </td>
        </tr>
        <tr>
            <td width=114 valign=top style='width:85.45pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span style='font-size:12.0pt;font-family:宋体'>比较危险</span></p>
            </td>
            <td width=456 valign=top style='width:341.8pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span lang=EN-US style='font-size:12.0pt;font-family:
  "Times New Roman","serif"'>5 &lt;= </span><span style='font-size:12.0pt;
  font-family:宋体'>域名风险值</span><span lang=EN-US style='font-size:12.0pt;
  font-family:"Times New Roman","serif"'> &lt;&nbsp;7</span></p>
            </td>
        </tr>
        <tr>
            <td width=114 valign=top style='width:85.45pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span style='font-size:12.0pt;font-family:宋体'>比较安全</span></p>
            </td>
            <td width=456 valign=top style='width:341.8pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span lang=EN-US style='font-size:12.0pt;font-family:
  "Times New Roman","serif"'>2 &lt;= </span><span style='font-size:12.0pt;
  font-family:宋体'>域名风险值</span><span lang=EN-US style='font-size:12.0pt;
  font-family:"Times New Roman","serif"'> &lt;&nbsp;5</span></p>
            </td>
        </tr>
        <tr>
            <td width=114 valign=top style='width:85.45pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span style='font-size:12.0pt;font-family:宋体'>非常安全</span></p>
            </td>
            <td width=456 valign=top style='width:341.8pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 0cm 0cm 0cm'>
                <p class=MsoNormal align=center style='margin-top:3.0pt;margin-right:5.0pt;
  margin-bottom:3.0pt;margin-left:5.0pt;text-align:center;line-height:15.6pt;
  text-autospace:none'><span lang=EN-US style='font-size:12.0pt;font-family:
  "Times New Roman","serif"'>0 &lt;= </span><span style='font-size:12.0pt;
  font-family:宋体'>域名风险值</span><span lang=EN-US style='font-size:12.0pt;
  font-family:"Times New Roman","serif"'> &lt;&nbsp;2</span></p>
            </td>
        </tr>
    </table>

    <p class=MsoNormal align=left style='text-align:left;line-height:.05pt;
text-autospace:none'><span lang=EN-US style='font-size:12.0pt;font-family:"Times New Roman","serif"'>&nbsp;</span></p>

    <h3 style='margin-top:12.0pt;margin-right:0cm;margin-bottom:0cm;margin-left:
24.0pt;margin-bottom:.0001pt;line-height:18.9pt;page-break-after:avoid'><a
            name="_14604"></a><b><span lang=EN-US style='font-size:14.5pt'>5.3. </span></b><b><span
            style='font-size:14.5pt;font-family:宋体'>安全建议</span></b></h3>

    <p class=MsoNormal align=left style='margin-top:24.0pt;margin-right:0cm;
margin-bottom:0cm;margin-left:24.05pt;margin-bottom:.0001pt;text-align:left;
text-indent:24.0pt;line-height:150%;text-autospace:none'><span
            style='font-size:12.0pt;line-height:150%;font-family:宋体'>随着越来越多的网络访问通过</span><span
            lang=EN-US style='font-size:12.0pt;line-height:150%;font-family:"Times New Roman","serif"'>Web</span><span
            style='font-size:12.0pt;line-height:150%;font-family:宋体'>界面进行操作，</span><span
            lang=EN-US style='font-size:12.0pt;line-height:150%;font-family:"Times New Roman","serif"'>Web</span><span
            style='font-size:12.0pt;line-height:150%;font-family:宋体'>安全已经成为互联网安全的一个热点，基于</span><span
            lang=EN-US style='font-size:12.0pt;line-height:150%;font-family:"Times New Roman","serif"'>Web</span><span
            style='font-size:12.0pt;line-height:150%;font-family:宋体'>的攻击广为流行，</span><span
            lang=EN-US style='font-size:12.0pt;line-height:150%;font-family:"Times New Roman","serif"'>SQL</span><span
            style='font-size:12.0pt;line-height:150%;font-family:宋体'>注入、跨站脚本、网站挂马等问题严重威胁</span><span
            style='font-size:12.0pt;line-height:150%;font-family:"Times New Roman","serif"'>
</span><span style='font-size:12.0pt;line-height:150%;font-family:宋体'>着网站管理者和网络用户的安全，我们有必要采取措施消除这些风险。</span></p>

    <p class=MsoNormal align=left style='margin-top:6.0pt;margin-right:0cm;
margin-bottom:0cm;margin-left:36.0pt;margin-bottom:.0001pt;text-align:left;
text-indent:-12.0pt;line-height:150%;text-autospace:none'><span lang=EN-US
                                                                style='font-size:9.5pt;line-height:150%;font-family:"Times New Roman","serif"'>&#8226;&nbsp;&nbsp;&nbsp; </span><span
            style='font-size:12.0pt;line-height:150%;font-family:宋体'>请专业的安全研究人员或安全公司对架构网站的程序和代码做全面的源码审计，修补所有发现的安全漏洞，这种白盒安全测试比较深入全面。</span></p>

    <p class=MsoNormal align=left style='margin-top:6.0pt;margin-right:0cm;
margin-bottom:0cm;margin-left:36.0pt;margin-bottom:.0001pt;text-align:left;
text-indent:-12.0pt;line-height:150%;text-autospace:none'><span lang=EN-US
                                                                style='font-size:9.5pt;line-height:150%;font-family:"Times New Roman","serif"'>&#8226;&nbsp;&nbsp;&nbsp; </span><span
            style='font-size:12.0pt;line-height:150%;font-family:宋体'>对网站的开发人员进行安全编码方面的培训，在开发过程避免漏洞的引入能起到事半功倍的效果。</span></p>

    <p class=MsoNormal align=left style='margin-top:6.0pt;margin-right:0cm;
margin-bottom:0cm;margin-left:36.0pt;margin-bottom:.0001pt;text-align:left;
text-indent:-12.0pt;line-height:150%;text-autospace:none'><span lang=EN-US
                                                                style='font-size:9.5pt;line-height:150%;font-family:"Times New Roman","serif"'>&#8226;&nbsp;&nbsp;&nbsp; </span><span
            style='font-size:12.0pt;line-height:150%;font-family:宋体'>采用专业的</span><span
            lang=EN-US style='font-size:12.0pt;line-height:150%;font-family:"Times New Roman","serif"'>Web</span><span
            style='font-size:12.0pt;line-height:150%;font-family:宋体'>安全防火墙产品，可以在不修改网站本身的情况下对大多数的</span><span
            lang=EN-US style='font-size:12.0pt;line-height:150%;font-family:"Times New Roman","serif"'>Web</span><span
            style='font-size:12.0pt;line-height:150%;font-family:宋体'>攻击起到有效的阻断作用。</span></p>

    <p class=MsoNormal align=left style='margin-top:6.0pt;margin-right:0cm;
margin-bottom:0cm;margin-left:36.0pt;margin-bottom:.0001pt;text-align:left;
text-indent:-12.0pt;line-height:150%;text-autospace:none'><span lang=EN-US
                                                                style='font-size:9.5pt;line-height:150%;font-family:"Times New Roman","serif"'>&#8226;&nbsp;&nbsp;&nbsp; </span><span
            style='font-size:12.0pt;line-height:150%;font-family:宋体'>建议网络管理员、系统管理员、安全管理员关注安全信息、安全动态及最新的严重漏洞，特别是影响到</span><span
            lang=EN-US style='font-size:12.0pt;line-height:150%;font-family:"Times New Roman","serif"'>Web</span><span
            style='font-size:12.0pt;line-height:150%;font-family:宋体'>站点所使用的系统和软件的漏洞，应该在事前设计好应对规划，一旦发现系统受漏洞影响及时采取措施。</span></p>

</div>

</body>

</html>
